Re: Bypassing Intel Boot Guard, EdDSA

2017-10-08 Thread Steven Schear 
Why not switch to much more open CPUs (e.g. POWER8/9) which are already
comparable to much of Intel's higher end server chips.

Warrant Canary creator

On Oct 8, 2017 9:24 AM, "grarpamp"  wrote:

> On Sun, Oct 8, 2017 at 5:14 AM, George Violaris
>  wrote:
> > This is exceptional work, I am looking forward to loading it on Arduino.
> Did
> > you use a specific Arduino image by the way?
>
> Not my work.
> Go to the authors of the paper / project on their page and ask them.
>

Re: Bypassing Intel Boot Guard, EdDSA

2017-10-08 Thread grarpamp 
On Sun, Oct 8, 2017 at 5:14 AM, George Violaris
 wrote:
> This is exceptional work, I am looking forward to loading it on Arduino. Did
> you use a specific Arduino image by the way?

Not my work.
Go to the authors of the paper / project on their page and ask them.

Re: Bypassing Intel Boot Guard, EdDSA

2017-10-08 Thread George Violaris 

On 10/8/2017 4:20 AM, grarpamp wrote:

How to defeat Ed25519 and EdDSA using faults
This work was performed with my colleague Sylvain Pelissier, we
demonstrated that the EdDSA signature scheme is vulnerable to single
fault attacks, and mounted such an attack against the Ed25519 scheme
running on an Arduino Nano board. We presented a paper on the topic at
FDTC 2017, last week in Taipei.


https://www.openbsd.org/62.html
Release iminent.


This is exceptional work, I am looking forward to loading it on Arduino. 
Did you use a specific Arduino image by the way?

Bypassing Intel Boot Guard, EdDSA

2017-10-07 Thread grarpamp 
https://embedi.com/blog/bypassing-intel-boot-guard
https://github.com/flothrone/bootguard
https://github.com/REhints/BlackHat_2017
https://github.com/tianocore/edk2
https://en.wikipedia.org/wiki/Trusted_Platform_Module
https://embedi.com/blog

Killchain of IoT Devices
Betraying the BIOS: Where the Guardians of the BIOS are Failing

In recent years, there is an increasing attention to the UEFI BIOS
security. As a result, there are more advanced technologies created to
protect UEFI BIOS from illegal modifications. One of such technologies
is Intel Boot Guard (BG) – a hardware-assisted BIOS integrity
verification mechanism available since Haswell microarchitecture
(2013). So-called «UEFI rootkits killer» this technology is designed
to create a trusted boot chain (where a current boot component
cryptographically measures/verifies the integrity of the next one)
with Root-of-Trust locked into hardware.
How is that possible? Let’s take a look...


https://news.ycombinator.com/item?id=15414760
https://research.kudelskisecurity.com/2017/10/04/defeating-eddsa-with-faults/

How to defeat Ed25519 and EdDSA using faults
This work was performed with my colleague Sylvain Pelissier, we
demonstrated that the EdDSA signature scheme is vulnerable to single
fault attacks, and mounted such an attack against the Ed25519 scheme
running on an Arduino Nano board. We presented a paper on the topic at
FDTC 2017, last week in Taipei.


https://www.openbsd.org/62.html
Release iminent.